1. 准备主机

每个主机做以下准备

1.1 修改/etc/hosts

cat >> /etc/hosts <<EOF
192.168.110.11 k8s-master
192.168.110.12 k8s-node1
192.168.110.13 k8s-node2
EOF

1.2 修改主机名

# 在master节点执行sudo hostnamectl set-hostname k8s-master# 在node1节点执行<br/>sudo hostnamectl set-hostname k8s-node1<br/># 在node2节点执行<br/>sudo hostnamectl set-hostname k8s-node2<br/>

1.3 设置时区为上海

timedatectl set-timezone Asia/Shanghai
#将当前的 UTC 时间写入硬件时钟
timedatectl set-local-rtc 0
#重启依赖于系统时间的服务
systemctl restart rsyslog
systemctl restart crond

1.4 修改仓库源

#修改仓库源、安装必要工具
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
yum install -y conntrack ntpdate ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git

1.5 关闭 swap 和 selinux

#关闭swap：
swapoff -a && sed -ri 's/.*swap.*/#&/' /etc/fstab
#关闭selinux：
setenforce 0 && sed -i 's/enforcing/disabled/' /etc/selinux/config

1.6 关闭防火墙

#关闭firewalld配置iptabes
systemctl stop firewalld && systemctl disable firewalld
yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && iptables-save > /etc/sysconfig/iptables

1.7 关闭postfix

#关闭postfix
systemctl stop postfix && systemctl disable postfix

2. 安装Docker

Docker安装很简单。

此处省略...

3. 所有节点安装kubeadm

3.1 配置K8S阿里云源

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

3.2 安装kubeadm kubelet kubectl指定版本

#查看可安装的k8s版本
yum list kubeadm --showduplicates | sort -r
#安装1.28版本的k8s 
yum install -y kubelet-1.28.2-0 kubeadm-1.28.2-0 kubectl-1.28.2-0

3.2 设置kubelet开机自启

systemctl enable --now kubelet.service

3.3 初始化master节点

kubeadm init --image-repository registry.aliyuncs.com/google_containers --apiserver-advertise-address=192.168.110.11 --kubernetes-version=v1.28.2 --service-cidr=10.96.0.0/12 --pod-network-cidr=10.244.0.0/16 

kubeadm init --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=v1.28.2 --apiserver-advertise-address=192.168.110.11 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12
[init] Using Kubernetes version: v1.28.2
[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR CRI]: container runtime is not running: output: time="2025-01-09T17:29:02+08:00" level=fatal msg="validate service connection: CRI v1 runtime API is not implemented for endpoint \"unix:///var/run/containerd/containerd.sock\":                                                                                       rpc error: code = Unimplemented desc = unknown service runtime.v1.RuntimeService"
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

输出提示对应的创建配置文件的提示<br/>kubeadm join 192.168.110.11:6443 --token ........ \        --discovery-token-ca-cert-hash sha256:..........

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

4. 安装网络插件

下载flannel的yml文件并创建，这里单独下载了镜像上传到了阿里云ACR上，需要修改yml文件里的image地址。

wget https://github.com/flannel-io/flannel/releases/download/v0.24.3/kube-flannel.yml
sed -i '/ image:/s#docker.io/flannel#registry.cn-hangzhou.aliyuncs.com/luoyuxin#' kube-flannel.yml

构建flannel

kubectl create -f kube-flannel.yml
kubectl get pod -n kube-flannel

5. 子节点加入集群

在k8s-node1、k8s-node2上执行以下命令

kubeadm join 192.168.110.11:6443 --token sqbql0.9kgmvufoticy2jip \
>         --discovery-token-ca-cert-hash sha256:cc3f2dfdb947fa7efc53e16fc15c5a22a5a31dda4cf54fa0004a796550774475

如果出现以下错误：

[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR CRI]: container runtime is not running: output: time="2025-01-09T17:57:09+08:00" level=fatal msg="validat                                                                                      e service connection: CRI v1 runtime API is not implemented for endpoint \"unix:///var/run/containerd/containerd.sock\":                                                                                       rpc error: code = Unimplemented desc = unknown service runtime.v1.RuntimeService"
, error: exit status 1
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher

按照附录1操作，再次执行加入集群的命令。

附录1